<?php

/**
 * Access Control List
 * This class defines the different access controls
 *  needed to access specific resources within the application
 */

class Model_acl extends  Zend_Acl {
	
	public function __construct() {

		
		//Roles
		$this->addRole(new Zend_Acl_Role ('guest'));	
		$this->addRole(new Zend_Acl_Role('user'), 'guest');
		$this->addRole(new Zend_Acl_Role('admin'), 'user');
		
		//Communiy Module Resources -- All resources inherit from the module community
		$this->add(new Zend_Acl_Resource('community'))
			 ->add(new Zend_Acl_Resource('community:index'), 'community')
			 ->add(new Zend_Acl_Resource('community:ratecourse'), 'community')
			 ->add(new Zend_Acl_Resource('community:Comparecourse'), 'community');
			 

		 //Default Module Resources	--All resources inherit from the module default
		$this->add(new Zend_Acl_Resource('default'))
			 ->add(new Zend_Acl_Resource('default:index'), 'default')
			->add(new Zend_Acl_Resource('default:error'), 'default')
			->add(new Zend_Acl_Resource('default:account'), 'default');
			
		//Account module resources -- All resources inherit from the account module
		$this->add(new Zend_Acl_Resource('account'))
			 ->add(new Zend_Acl_Resource('account:users'), 'account')
			 ->add(new Zend_Acl_Resource('account:index'), 'account');
			 
			 
			 
		//Admin Module Resources --All resources inherid from the module admin
		$this->add(new Zend_Acl_Resource('admin'))
			 ->add(new Zend_Acl_Resource('admin:index'), 'admin')
			 ->add(new Zend_Acl_Resource('admin:usermanagement'), 'admin')
			 ->add(new Zend_Acl_Resource('admin:courses'), 'admin')
			 ->add(new Zend_Acl_Resource('admin:dept'), 'admin')
			 ->add(new Zend_Acl_Resource('admin:school'), 'admin');
			 
		
		/**
		 * Resources for the student Module
		 * 
					 */
					
					$this->add(new Zend_Acl_Resource('student'))
						 ->add(new Zend_Acl_Resource('student:index'), 'student')
                         ->add(new Zend_Acl_Resource('student:course'), 'student')
                         ->add(new Zend_Acl_Resource('student:assessment'), 'student')
                         ->add(new Zend_Acl_Resource('student:grade'), 'student')
                         ->add(new Zend_Acl_Resource('student:scale'), 'student')
                         ->add(new Zend_Acl_Resource('student:tracker'), 'student')
                         ->add(new Zend_Acl_Resource('student:gpa'), 'student');
		
		/**
		 *Application Permissions
		 *A guest is able to login, register and view the about pages of the system.
		 *A guest is also able to view all options in the Community module except for rating a course.
		 */
		$this->allow('guest', 'default:index', array('index', 'input', 'thank', 'about'))
			 ->allow('guest', 'default:error', 'error')
			 ->allow('guest', 'account:users', array('login', 'register', 'recover', 'thanks', 'activate'))
			 ->allow('guest','student:index', 'index');
			 
		$this->allow('guest', 'community:index', 'index')
			 ->allow('guest', 'community:Comparecourse', array('index', 'select', 'compare'))
			 ->allow('guest', 'community:ratecourse', array('index',  'getdepts', 'diff', 'instr', 'grade', 'time', 'text',
													 'getcourses', 'getperiod',  'viewcomments', 'thank', 'viewaverage', 'deletecomment'));

			 
			 
		/**
		 * Users have all permissions as guests with the additional permission of being able to rate 
		 * a particular course
		 */
		$this->allow('user', 'account:users', array('logout', 'edit', 'viewprofile'))
			 ->allow('user', 'community:ratecourse', 'rate')
													 
			 ->allow('user', 'account:index', array('index', 'myratings'))
			 ->deny('user', 'account:users', array('login', 'register'));
			 
		$this->allow('admin', 'admin:usermanagement', array('listusers','deluser', 'avgratings', 'viewcomments'))
			 ->allow('admin', 'admin:index', array('index'))
			 ->allow('admin', 'admin:courses', array('index', 'viewschools', 'getdepts', 'getactions', 'getcourses', 'edit', 'delete'))
			 ->allow('admin', 'admin:dept', array('index', 'add-dept', 'editdept', 'delete', 'viewdepts', 'deletedept'))
			 ->allow('admin', 'admin:school', array('index', 'addschool', 'viewschools', 'add-dept-school', 'updateschool', 'removeschool'));

		//User Permissions for Community module

					$this->allow('user', 'student:index', 'index')
                         ->allow('user', 'student:course',array('index', 'add', 'view', 'edit','delete'))
                         ->allow('user', 'student:assessment', array('index', 'add', 'view', 'edit', 'delete'))
                         ->allow('user', 'student:grade', array('index', 'add', 'view', 'edit', 'delete', 'addmore'))
                         ->allow('user', 'student:scale', array('index', 'Add', 'view', '', 'delete'))
                         ->allow('user', 'student:gpa', array('index', 'view'))
                         ->allow('user', 'student:tracker', array('index'))
                        ->allow('user', 'student:index', array('index','welcome'));
                        		/*
		$this->allow('admin', 'admin');
		$this->allow('user', 'index');
		$this->allow('user', 'error');
		$this->allow('user', 'community', 'index');
		$this->allow('admin', 'community', 'rate');*/
		
	}
	
}
